Ari Schwartz, vice president and COO of the Center for Democracy & Technology, writes an opinion column about consumer privacy in the Hill. Schwartz writes in response to a previous opinion column on the issue by Randall Rothenberg, President and CEO of the Interactive Advertising Bureau.
Internet privacy continues to be a major concern among Americans. In a recent study, the Annenberg School found that 69 percent of American adults feel there should be a law that gives people the right to know everything that a website knows about them; 92 percent of those surveyed believe there should be a law that requires “websites and advertising companies to delete all stored information about an individual,” if requested to do so; and 35 percent of the respondents believe that officials of companies that break these laws should serve jail time. These strong responses suggest that there is pent-up anger about the lack of transparency, control and respect for the use of personal information. […]
While a half-million complaints [to consumer protection agencies] in two years obviously does not paint the self-regulatory success story Rothenberg may want legislators to see, it does highlight one major problem identified in the report: Consumer protection agencies are using different terms to identify the same types of complaints. What one agency calls a “spyware” complaint, another may call “identity theft” and a third may call simply “Internet fraud.” The consumer protection agencies cannot share information among themselves to prevent privacy violations if they can’t even agree on the basic terminology.
Based on this information, CDT has developed a privacy complaint tool to help consumers file complaints with state AGs, the FTC and with friends using a more standardized terminology.
Congress could further address this problem in its efforts to address the growing concerns of Americans on privacy. It should enact a comprehensive privacy law that provides clear definitions that would allow the FTC to develop a more detailed complaint system for consumers that could be used by states and non-government consumer protection organizations. The law should be based on the fair information practices of: transparency; individual participation; purpose specification; data minimization; use limitation; data quality and integrity; security and accountability.